adwordsadvertisingmedia.com Open in urlscan Pro
103.35.165.184 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://adwordsadvertisingmedia.com/dhl/
Submission: On October 27 via automatic, source phishtank (October 27th 2017, 8:19:11 pm UTC)

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 103.35.165.184, located in India and belongs to ZNETCLOUD-AS ZNet Cloud Services, IN. The main domain is adwordsadvertisingmedia.com.

This is the only time adwordsadvertisingmedia.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DHL (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1	103.35.165.184 103.35.165.184	133683 (ZNETCLOUD...) (ZNETCLOUD-AS ZNet Cloud Services)
15	23.35.98.71 23.35.98.71	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2

1 103.35.165.184 (India)

ASN133683 (ZNETCLOUD-AS ZNet Cloud Services, IN)
PTR: blnx3.securehostdns.com

adwordsadvertisingmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 23.35.98.71 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-35-98-71.deploy.static.akamaitechnologies.com

myaccount.dhl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	dhl.com myaccount.dhl.com	483 KB
1	adwordsadvertisingmedia.com adwordsadvertisingmedia.com	12 KB
16	2

	Domain	Requested by
15	myaccount.dhl.com	adwordsadvertisingmedia.com
1	adwordsadvertisingmedia.com
16	2

This site contains no links.

Subject Issuer	Validity	Valid
www.mydhl.com Symantec Class 3 Secure Server CA - G4	`2017-08-02` - `2018-11-01`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://adwordsadvertisingmedia.com/dhl/
Frame ID: 31985.1
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

Page Statistics

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

494 kB
Transfer

589 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response adwordsadvertisingmedia.com/dhl/	55 KB 12 KB	293ms 160ms	Document text/html	103.35.165.184 ZNETCLOUD-AS ZNet...
General Check archive.org Show headers Download Go to Full URL http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Server 103.35.165.184 , India, ASN133683 (ZNETCLOUD-AS ZNet Cloud Services, IN), Reverse DNS blnx3.securehostdns.com Software Apache / Resource Hash `845e64e38af182b5f6c2b88f78a6b1dc85c2018497a59d03c2bdedb97a76b836` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host adwordsadvertisingmedia.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Cache-Control no-cache Connection keep-alive Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding,User-Agent Content-Type text/html Cache-Control max-age=172800 Connection Keep-Alive Keep-Alive timeout=10, max=300 Content-Length 11878 Expires Sun, 29 Oct 2017 20:19:00 GMT
GET H/1.1	200 OK	StyleSheet_moz.css myaccount.dhl.com/MyAccount/common/	25 KB 3 KB	156ms 19ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/common/StyleSheet_moz.css?v=1 Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `0a3dcd648d404a770cb46cf789c782ab39b3ef5c34ed00f8d96ade81bda2f915` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Content-Encoding gzip Last-Modified Thu, 08 Dec 2016 04:16:06 GMT X-Powered-By Servlet/3.0 JSP/2.2 Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 3180
GET H/1.1	200 OK	general_moz.css myaccount.dhl.com/MyAccount/common/	2 KB 659 B	150ms 13ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/common/general_moz.css?v=1 Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `388553a94055421b4986ea5dd5d5fafd214356aaf5efc6d9cbaef28469547b56` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Content-Encoding gzip Last-Modified Thu, 08 Dec 2016 04:16:06 GMT X-Powered-By Servlet/3.0 JSP/2.2 Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 659
GET H/1.1	200 OK	jquery.min.js Show response myaccount.dhl.com/MyAccount/js/	93 KB 93 KB	155ms 17ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jquery.min.js?v=1 Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 94840
GET H/1.1	200 OK	jquery-ui.css myaccount.dhl.com/MyAccount/js/	33 KB 6 KB	149ms 12ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jquery-ui.css?v=1 Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `78a0d18cbe050a7e43989fd47936c3d4ffc721dd263ceeb32b67d4f2a171a959` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Content-Encoding gzip Last-Modified Thu, 08 Dec 2016 04:16:06 GMT X-Powered-By Servlet/3.0 JSP/2.2 Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 6065
GET H/1.1	200 OK	jquery-ui.js Show response myaccount.dhl.com/MyAccount/js/	202 KB 202 KB	158ms 8ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jquery-ui.js?v=1 Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `da8edc2a2b29e48e48480a779d36a1eeef6ad155120bdd1b7eb36d4d8fadd32b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 206923
GET H/1.1	200 OK	jquery.tablesorter.min.js Show response myaccount.dhl.com/MyAccount/js/tablesorter/	16 KB 16 KB	157ms 7ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/tablesorter/jquery.tablesorter.min.js Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `b90279154254e108748dc80dd226eab336e2c320e4a40569952b46dc5d785536` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 16520
GET H/1.1	200 OK	picnet.table.filter.min.js Show response myaccount.dhl.com/MyAccount/js/tablefilter/	109 KB 109 KB	158ms 8ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/tablefilter/picnet.table.filter.min.js Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `323f393a6db534cf6f74b76905004a4233b97f8a2a03e60df646785212680860` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 111264
GET H/1.1	200 OK	jquery.bt.min.js Show response myaccount.dhl.com/MyAccount/js/	22 KB 22 KB	162ms 8ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jquery.bt.min.js?v=1 Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `e71cf67aa5f4a9c9bddd2d49c61379f92c13a76cc42762e2c559c820743dc63b` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 22713
GET H/1.1	200 OK	jHtmlArea-0.7.5.min.js Show response myaccount.dhl.com/MyAccount/js/jhtmlarea/scripts/	9 KB 9 KB	163ms 8ms	Script text/plain	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jhtmlarea/scripts/jHtmlArea-0.7.5.min.js Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `033c1011f0d6cabb9ff022af56aa012f12126eabff2d474133d46bf339210307` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 9357
GET H/1.1	200 OK	jHtmlArea.css myaccount.dhl.com/MyAccount/js/jhtmlarea/style/	4 KB 746 B	148ms 12ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jhtmlarea/style/jHtmlArea.css Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `59ac22622fb7779311f782ac310534c6ed3c874070cabefb779235cc79ae9206` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Content-Encoding gzip Last-Modified Thu, 08 Dec 2016 04:16:06 GMT X-Powered-By Servlet/3.0 JSP/2.2 Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 746
GET H/1.1	200 OK	jHtmlArea.Editor.css myaccount.dhl.com/MyAccount/js/jhtmlarea/style/	70 B 70 B	153ms 17ms	Stylesheet text/css	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://myaccount.dhl.com/MyAccount/js/jhtmlarea/style/jHtmlArea.Editor.css Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `be9c9617aa65450832003b333e796157e1d78e59064b2e84a16eefb138ddbfb5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 70 Content-Type text/css
GET H/1.1	200 OK	arrow_r_r_small.gif myaccount.dhl.com/MyAccount/images/	57 B 57 B	7ms 7ms	Image image/gif	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://myaccount.dhl.com/MyAccount/images/arrow_r_r_small.gif Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `1e54b2ca043587b99e9ccb869d88d3b90ddaec68940fda348df75e6e4e312990` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 57 Content-Type image/gif
GET H/1.1	200 OK	DHLlogo.gif myaccount.dhl.com/MyAccount/images/	840 B 840 B	11ms 10ms	Image image/gif	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://myaccount.dhl.com/MyAccount/images/DHLlogo.gif Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `688876df3eceada75deffe7e228f5a0c360c00656b064bb83c87439b55ba066f` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 840 Content-Type image/gif
GET H/1.1	200 OK	Middle.JPG myaccount.dhl.com/MyAccount/images/	20 KB 20 KB	11ms 10ms	Image image/jpeg	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://myaccount.dhl.com/MyAccount/images/Middle.JPG Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `3dbe0f4a2bf44be87ce4f5a8758e5b49147753067239a79f7f444ede4fb35bd4` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 20150 Content-Type image/jpeg
GET H/1.1	200 OK	DPLogo.gif myaccount.dhl.com/MyAccount/images/	863 B 863 B	7ms 7ms	Image image/gif	23.35.98.71 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://myaccount.dhl.com/MyAccount/images/DPLogo.gif Requested by Host: adwordsadvertisingmedia.com URL: http://adwordsadvertisingmedia.com/dhl/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.35.98.71 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a23-35-98-71.deploy.static.akamaitechnologies.com Software / Servlet/3.0 JSP/2.2 Resource Hash `e5c46702fb8d25395448448f0e6c75401fc73e0b654762a8c08cc27ea5514bec` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host myaccount.dhl.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* http://adwordsadvertisingmedia.com/dhl/ Connection keep-alive Cache-Control no-cache Referer http://adwordsadvertisingmedia.com/dhl/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Fri, 27 Oct 2017 20:19:00 GMT Last-Modified Thu, 08 Dec 2016 04:16:06 GMT Connection keep-alive Accept-Ranges bytes X-Powered-By Servlet/3.0 JSP/2.2 Content-Length 863 Content-Type image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DHL (Transportation)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adwordsadvertisingmedia.com
myaccount.dhl.com
103.35.165.184
23.35.98.71
033c1011f0d6cabb9ff022af56aa012f12126eabff2d474133d46bf339210307
0a3dcd648d404a770cb46cf789c782ab39b3ef5c34ed00f8d96ade81bda2f915
1e54b2ca043587b99e9ccb869d88d3b90ddaec68940fda348df75e6e4e312990
323f393a6db534cf6f74b76905004a4233b97f8a2a03e60df646785212680860
388553a94055421b4986ea5dd5d5fafd214356aaf5efc6d9cbaef28469547b56
3dbe0f4a2bf44be87ce4f5a8758e5b49147753067239a79f7f444ede4fb35bd4
59ac22622fb7779311f782ac310534c6ed3c874070cabefb779235cc79ae9206
688876df3eceada75deffe7e228f5a0c360c00656b064bb83c87439b55ba066f
78a0d18cbe050a7e43989fd47936c3d4ffc721dd263ceeb32b67d4f2a171a959
845e64e38af182b5f6c2b88f78a6b1dc85c2018497a59d03c2bdedb97a76b836
b90279154254e108748dc80dd226eab336e2c320e4a40569952b46dc5d785536
be9c9617aa65450832003b333e796157e1d78e59064b2e84a16eefb138ddbfb5
da8edc2a2b29e48e48480a779d36a1eeef6ad155120bdd1b7eb36d4d8fadd32b
e441bb2cea80ca356c69595682c3b7d76c341566b5f851b352434e9eaadf136b
e5c46702fb8d25395448448f0e6c75401fc73e0b654762a8c08cc27ea5514bec
e71cf67aa5f4a9c9bddd2d49c61379f92c13a76cc42762e2c559c820743dc63b

adwordsadvertisingmedia.com Open in urlscan Pro 103.35.165.184 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

16 Requests

94 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

494 kBTransfer

589 kBSize

0 Cookies

0 Outgoing links

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

adwordsadvertisingmedia.com Open in urlscan Pro
103.35.165.184 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

94 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

494 kB
Transfer

589 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!